Drift says $280 million exploit linked to North Korea‑aligned actors; attorney warns it may be 'civil negligence'
first published 2026-04-05T06:47:18Z
Drift Protocol was exploited for $270 million in what is described as the largest Solana‑era hack. Attackers allegedly ran a six‑month, in‑person social engineering campaign starting late 2025, posing as a quantitative trading firm, onboarding an Ecosystem Vault and depositing over $1 million to gain trust. They met contributors at international conferences through early 2026, delivered a cloned code repository (leveraging a known VSCode/Cursor vulnerability) and a fake TestFlight app to compromise developers. Drift halted deposits and withdrawals after the exploit; Solana co‑founder Anatoly Yakovenko called the breach “terrifying.” Attackers subsequently scrubbed Telegram chats and removed malicious software.
AI Analysis
The story reports a $270M loss (largest Solana‑era hack), developer compromise via cloned repo and fake TestFlight app, and halted deposits/withdrawals—facts that directly undermine protocol safety and market trust.
Expected Investor Sentiment: Very Bearish
Potential Market Impact: High
Source Articles
- 'Terrifying': Solana Founder Reacts to One of Biggest DeFi Hacks in History - U.Today
- Drift Protocol $280M exploit took 'months of deliberate preparation' - Cointelegraph
- Drift links $280M hack to Radiant attackers - Crypto News
- Drift says $270 million exploit was a six-month North Korean intelligence operation - CoinDesk
- AI is making crypto's security problem even worse, Ledger CTO warns - CoinDesk
- Crypto attorney says Drift incident may qualify as 'civil negligence' - Cointelegraph
- Solana Price Under Pressure as Selling Activity Rises—Is More Downside Ahead? - Coinpedia